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Examiner Art Unit 

Tracey Akpati 2135 
The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )Kf Responsive to communication(s) filed on 
2a)D This action is FINAL. 2b)M This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) H Claim(s) 7-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 7-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 27 November 2000 is/are: a)M accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)Q Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . As per the phone interview with the attorney on 4/16/04, it was suggested to the attorney 
by the examiner to amend the limitation of the independent claims, namely Claim 1 so as to put 
the case in a possible condition for allowance. After a meeting with my SPE, regrettably the 
claims did not meet this expectation. The examiner regrets any disappointments this has caused 
to the attorney and/or applicant. 

Following a phone conversation with the attorney, the examiner disclosed this to the 
attorney and the attorney suggested to send in another amendment to alleviate the broadness and 
1 12 issues within the independent claims, namely Claim 1 . A further pre-amendment was 
received by fax from the attorney on 5/28/04. This pre-amendment eliminates the trademark 
"Palm operating system" and hence eliminates the possible 112 rejection. However, the 
attorney's pre-amendment does not further narrow the scope of the claims so as to put the case in 
a condition for allowance. Hence a non- final rejection has been made for this case as shown 
below. 

Claim Rejections - 35 USC § 112 
Claim 13, 14 and 16 recites the limitation "said request". There is insufficient antecedent 
basis for this limitation in the claim. Claim 14 is rejected by virtue of dependency. Since there 
is more than one request, the limitation "said request" lacks sufficient antecedent basis. 



Claim Rejections - 35 USC §103 
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The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 6, 7, 8, 13, 14, 16-18, 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Atkinson et al (6367012 Bl). 

With respect to Claim 1, the limitation of "monitoring calls to applications resident on the 
handheld computer" is met on column 2, lines 35-40 and 44-52; and "identifying a code 
associated with a program initiating said call" is met on column 3, lines 13-24; and "at least 
temporarily preventing an action requested by said call from being executed if the identified code 
does not correspond to a code associated with data said action is to be performed upon" is met on 
column 9, lines 9-20; and "wherein identifying a code comprises identifying a creator code on a 
handheld computer operating system; wherein the creator code is used to prevent malicious 
behavior" is met in the abstract. The signature/certificate represents the creator code because it 
verifies the integrity and authenticity of the file/program being downloaded to the computer so as 
to prevent any kind of malicious behavior/code. 

It would have been obvious to have a handheld computer in place of the computer 
disclosed in Atkinson et al because a handheld computer is simply a computer, with all its 
working properties and capabilities, but shrunk in size. Moreover, according to In re Rinehart, 
531 F.2d 1048, 189 USPQ 143 (CCPA 1976), 'the mere scaling up of a prior art process capable 
of being scaled up, if such were the case, would not establish patentability in a claim to an old 
process so scaled/ 531 F.2d at 1053, 189 USPQ at 148. 
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With respect to Claim 6, the limitation of "identifying at least one of the applications as a trusted 
application, wherein trusted applications are not prevented from performing actions" is met on 
column 3, lines 18-24. 

With respect to Claim 7, the limitation of "receiving data on an infrared port of the handheld 
computer and installing said data in a temporary database" is met on column 2, lines 8-12. The 
sandbox/playpen provides a temporary storage database or medium for the suspicious program. 
The handheld device is obvious for the reasons disclosed in Claim 1. 

With respect to Claim 8, the limitation of "asking a user whether to accept said data before 
loading said data onto the handheld computer" is met inherently n column 9, lines 9-20. The 
handheld device is obvious for the reasons disclosed in Claim 1. 

With respect to Claim 13, the limitation of "monitoring requests for action by 
applications on the handheld computer" is met on column 2, lines 35-40, 44-52; and "evaluating 
said requests to determine if said requests may result in potentially harmful behavior to data 
stored on the handheld computer" is met on column 2, lines 35-40, 44-52; and "preventing said 
action from being performed if said request is identified as potentially harmful behavior" is 
inherently on column 3, lines 47-58; and "notifying a user of the handheld computer of said 
potentially harmful behavior" is met on Fig. 6; and "wherein evaluating said requests comprises 
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comparing a creator code associated with the application requesting said action with a creator 
code associated with data the action is to be performed upon; wherein the creator code is used to 
prevent malicious behavior" is met on column 3, lines 14-24. 

The signature/certificate represents the creator code because it verifies the integrity and 
authenticity of the file/program being downloaded so as to prevent any kind of harmful 
behavior/code. 

It would have been obvious to have a handheld computer in place of the computer 
disclosed in Atkinson et al because a handheld computer is simply a computer, with all its 
working properties and capabilities, but shrunk in size. Moreover, according to In re Rinehart, 
531 F.2d 1048, 189 USPQ 143 (CCPA 1976), 'the mere scaling up of a prior art process capable 
of being scaled up, if such were the case, would not establish patentability in a claim to an old 
process so scaled.' 531 F.2d at 1053, 189 USPQ at 148. 



With respect to Claim 14, the limitation of "wherein monitoring requests for action comprises 
monitoring API calls" is met on column 26, lines 7-17, 26-39; column 30, lines 27-33. 

With respect to Claim 16, the limitation of "identifying at least one application as a trusted 
application and allowing said action to be performed even if said request is identified as 
potentially harmful if requested by the trusted application" is met on column 2, lines 6-11. 
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With respect to Claim 17, its limitation is similar to Claim 1 limitation and hence its rejection 
can be found therein. 

With respect to Claim 18, its limitation is similar to Claim 6 limitation and hence its rejection 
can be found therein. 

With respect to Claim 20, its limitation is similar to Claim 13 limitation and hence its rejection 
can be found therein. 

Claims 2-4 are rejected under 35 U.S.C. 103(a) as being unpatentable over Atkinson et al 
(6367012 Bl) in view of Walsh et al (5956481). 

With respect to Claim 2, all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 

The limitation of "wherein monitoring calls to applications comprises installing a patch 
on the handheld computer, the patch being operable to intercept calls" is met on Walsh et al on 
column 2, lines 6-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Walsh et al within the system of Atkinson et al because 
installing a patch will enable the computer processes to execute the patch in place of the original, 
less secure routines in order to ensure the system is immune from malicious attack/code. 
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With respect to Claim 3, all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 

The limitation of "wherein installing a patch comprises replacing an API address with a 
patch address" is met by Walsh on column 2, lines 6-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Walsh et al within the system of Atkinson et al because 
replacing an API address with a patch address will enable the computer processes to execute the 
patch in place of the original, less secure routines in order to ensure the system is immune from 
malicious attack/code. 

With respect to Claim 4, all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 

The limitation of "wherein installing a patch comprises utilizing get trap and set trap 
commands" is inherently met by Walsh on column 2, lines 6-16. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Walsh et al within the system of Atkinson et al because 
the trap commands are inherent routines executable with a patch, enabling the patch to do its job. 

Claims 9-12 are rejected under 35 U.S.C. 103(a) as being unpatentable over Atkinson et 
al (6367012 Bl) in view of Chess (5572590). 

With respect to Claim 9, all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 
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The limitation of "wherein the action requested is a password manipulation" is met by 
Chess on column 1, lines 49-55 and on column 2, lines 8-13. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Chess within the system of Atkinson et al because a 
malicious change could be easily categorized as a password manipulation. Hence Chess's 
disclosure can be taken to cover a password manipulation. 

With respect to Claim 10 and 1 1 all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 

The limitation of "wherein the action requested is deletion/modification of data" is met 
by Chess on column 1, lines 49-55 and column 2, lines 8-13. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Chess within the system of Atkinson et al because 
deletion/modification of data is a malicious change to data stored on a computer. Hence Chess's 
disclosure can be taken to mean deletion/modification of data. 

With respect to Claim 12, all the limitation is met by Atkinson et al except for the 
limitation disclosed below. 

The limitation of "wherein the action requested is manipulation of an operating system" 
is met by Chess on column 1, lines 49-55 and on column 2, lines 8-13. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Chess within the system of Atkinson et al because 
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unauthorized manipulation of an operating system is a malicious change to data stored on a 
computer. Hence Chess's disclosure can be taken to mean manipulation of an operating system. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tracey Akpati whose telephone number is 703-305-7820. The 
examiner can normally be reached on 8.30am-6.00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 703-305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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